You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by norman <no...@apache.org> on 2007/07/19 18:55:31 UTC

Re: [jira] Commented: (JAMES-782) Add docs howto use SSL with JAVA6 [ was: SSL support not work with JAVA6]

+1
Norman

Am Mittwoch, den 18.07.2007, 14:33 -0700 schrieb Stefano Bagnara (JIRA):
> [ https://issues.apache.org/jira/browse/JAMES-782?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12513725 ] 
> 
> Stefano Bagnara commented on JAMES-782:
> ---------------------------------------
> 
> Well, in fact I read it in the docs :-)
> 
> Directly from our config.xml:
>    <!-- In order to use the ssl factory under Java 1.5 and support all Clients -->
>    <!-- (particularly Mozilla Thunderbird) you need to install the Sun JCE -->
>    <!-- provider in your environment (james/lib) -->
>    <!-- e.g: jre/lib/ext/sunjce_provider.jar -->
> 
> Maybe this should be extended to Java 6 and added also to FAQ, if you want.
> 
> > Add docs howto use SSL with JAVA6 [ was: SSL support not work with JAVA6]
> > -------------------------------------------------------------------------
> >
> >                 Key: JAMES-782
> >                 URL: https://issues.apache.org/jira/browse/JAMES-782
> >             Project: James
> >          Issue Type: Task
> >    Affects Versions: 2.2.0, 2.3.0, 2.3.1, Next Minor, Next Major, Trunk
> >            Reporter: Norman Maurer
> >
> > From ML:
> > Hi all,
> > I'm running a build of svn trunk on java6 and I'm experiencing some
> > security related errors.
> > My colleague running james 2.2 on java 6 is also experiencing security
> > related issues with the same Exceptions.
> > in the pop3serevr log I get:
> > 18/12/06 10:27:14 ERROR pop3server-tls: Exception handling socket to
> > 58-186-74-xxx-dynamic.hcm.fpt.vn. (58.186.74.5) : Connection has been
> > shutdown: javax.net.ssl.SSLExcepti
> > on: java.lang.RuntimeException: Could not generate dummy secret
> > javax.net.ssl.SSLException: Connection has been shutdown:
> > javax.net.ssl.SSLException: java.lang.RuntimeException: Could not
> > generate dummy secret
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1172)
> >         at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65)
> >         at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
> >         at java.io.BufferedInputStream.read(BufferedInputStream.java:237)
> >         at org.apache.james.util.CRLFTerminatedReader.read(CRLFTerminatedReader.java:158)
> >         at org.apache.james.util.CRLFTerminatedReader.readLine(CRLFTerminatedReader.java:115)
> >         at org.apache.james.pop3server.POP3Handler.readCommandLine(POP3Handler.java:316)
> >         at org.apache.james.pop3server.POP3Handler.handleProtocol(POP3Handler.java:211)
> >         at org.apache.james.core.AbstractJamesHandler.handleConnection(AbstractJamesHandler.java:259)
> >         at org.apache.james.util.connection.ServerConnection$ClientConnectionRunner.run(ServerConnection.java:468)
> >         at org.apache.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:55)
> >         at org.apache.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:116)
> > Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException:
> > Could not generate dummy secret
> >         at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1520)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1487)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1470)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1396)
> >         at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64)
> >         at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
> >         at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
> >         at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278)
> >         at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122)
> >         at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212)
> >         at java.io.BufferedWriter.flush(BufferedWriter.java:236)
> >         at java.io.PrintWriter.flush(PrintWriter.java:276)
> >         at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:94)
> >         at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:191)
> >         at org.apache.james.core.AbstractJamesHandler.writeLoggedFlushedResponse(AbstractJamesHandler.java:399)
> >         at org.apache.james.pop3server.POP3Handler.handleProtocol(POP3Handler.java:188)
> >         ... 4 more
> > Caused by: java.lang.RuntimeException: Could not generate dummy secret
> >         at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.generateDummySecret(RSAClientKeyExchange.java:158)
> >         at com.sun.net.ssl.internal.ssl.Handshaker.calculateMasterSecret(Handshaker.java:680)
> >         at com.sun.net.ssl.internal.ssl.Handshaker.calculateKeys(Handshaker.java:631)
> >         at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:204)
> >         at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:511)
> >         at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:449)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:817)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1029)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:621)
> >         at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
> >         ... 15 more
> > Caused by: java.security.NoSuchAlgorithmException:
> > SunTlsRsaPremasterSecret KeyGenerator not available
> >         at javax.crypto.KeyGenerator.<init>(DashoA13*..)
> >         at javax.crypto.KeyGenerator.getInstance(DashoA13*..)
> >         at com.sun.net.ssl.internal.ssl.JsseJce.getKeyGenerator(JsseJce.java:223)
> >         at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.generateDummySecret(RSAClientKeyExchange.java:152)
> >         ... 24 more
> > and in the smtpserver log i get
> > 18/12/06 11:20:04 ERROR smtpserver-tls: Exception handling socket to
> > 58-186-74-xxx-dynamic.hcm.fpt.vn. (58.186.74.5) : Connection has been
> > shutdown: javax.net.ssl.SSLExcepti
> > on: java.lang.RuntimeException: Could not generate secret
> > javax.net.ssl.SSLException: Connection has been shutdown:
> > javax.net.ssl.SSLException: java.lang.RuntimeException: Could not
> > generate secret
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1172)
> >         at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65)
> >         at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
> >         at java.io.BufferedInputStream.read(BufferedInputStream.java:237)
> >         at org.apache.james.util.CRLFTerminatedReader.read(CRLFTerminatedReader.java:158)
> >         at org.apache.james.util.CRLFTerminatedReader.readLine(CRLFTerminatedReader.java:115)
> >         at org.apache.james.smtpserver.SMTPHandler.readCommandLine(SMTPHandler.java:503)
> >         at org.apache.james.smtpserver.SMTPHandler.handleProtocol(SMTPHandler.java:254)
> >         at org.apache.james.core.AbstractJamesHandler.handleConnection(AbstractJamesHandler.java:259)
> >         at org.apache.james.util.connection.ServerConnection$ClientConnectionRunner.run(ServerConnection.java:468)
> >         at org.apache.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:55)
> >         at org.apache.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:116)
> > Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException:
> > Could not generate secret
> >         at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1520)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1487)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1470)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1396)
> >         at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64)
> >         at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
> >         at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
> >         at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278)
> >         at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122)
> >         at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212)
> >         at java.io.BufferedWriter.flush(BufferedWriter.java:236)
> >         at java.io.PrintWriter.flush(PrintWriter.java:276)
> >         at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:94)
> >         at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:191)
> >         at org.apache.james.core.AbstractJamesHandler.writeLoggedFlushedResponse(AbstractJamesHandler.java:399)
> >         at org.apache.james.smtpserver.SMTPHandler.handleProtocol(SMTPHandler.java:207)
> >         ... 4 more
> > Caused by: java.lang.RuntimeException: Could not generate secret
> >         at com.sun.net.ssl.internal.ssl.DHCrypt.getAgreedSecret(DHCrypt.java:168)
> >         at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientKeyExchange(ServerHandshaker.java:981)
> >         at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:184)
> >         at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:511)
> >         at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:449)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:817)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1029)
> >         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:621)
> >         at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
> >         ... 15 more
> > Caused by: java.security.NoSuchAlgorithmException: Unsupported secret
> > key algorithm: TlsPremasterSecret
> >         at com.sun.crypto.provider.DHKeyAgreement.engineGenerateSecret(DashoA6275)
> >         at javax.crypto.KeyAgreement.generateSecret(DashoA13*..)
> >         at com.sun.net.ssl.internal.ssl.DHCrypt.getAgreedSecret(DHCrypt.java:166)
> >         ... 23 more
> > This looks like it could be a problem associated with a move from
> > java5 to java6, but I'm not sure how to fix it.
> > Any help from you guys would be appreciated.
> > Thanks,
> > Kev 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org